What are the ways to use certificate for encryption? Can certificates be used to secure data submitted to Web sites, secure data received from Web sites, secure emails, and secure files stored on computers?

Communications over a network, such as the Internet, are subject to possible monitoring by unknown and, perhaps, malicious users. Public networks are treacherous for unencrypted sensitive information because anyone can access the network and analyze the data being transmitted between two points. Even private local area networks (LANs) are vulnerable to determined efforts by intruders to acquire physical access to the network. Consequently, if sensitive information is transmitted between computing devices on any type of network, users will almost certainly want to use some sort of encryption to keep their data private.

Encryption is the process of disguising a message or data in such a way as to hide its substance. It can be thought of as locking something valuable into a strongbox with a key. Conversely, decryption can be compared to opening the box and retrieving the valuable item. On computers, sensitive data in the form of e-mail messages, files on a disk, and files being transmitted across the network can be encrypted by using a key. Encrypted data and the key used to encrypt data are both unintelligible.

Public key encryption is not used to encrypt large amounts of data; instead, data is typically protected with a private key and that private key in turn is encrypted with the public key of the recipient of the data. The encrypted secret key will then be transmitted to the recipient along with the encrypted data. The recipient will use the private key to decrypt the secret key. The secret key will then be used to decrypt the message itself.

Certificates enable privacy for data that is transmitted using a number of different methods. Some of the commonly used privacy-enabling protocols that use certificates are:

• TLS - Used to secure data submitted to Web sites and data received from Web sites.
• Secure Multipurpose Internet Mail Extensions (S/MIME) - Used to secure emails.
• Encrypting File System (EFS) - Secure files stored on computers.